Build, Test, Publish Github and PyPI Releases #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build, Test, Publish Github and PyPI Releases | |
on: | |
workflow_dispatch: | |
permissions: | |
contents: write | |
jobs: | |
publish_github_release_and_pypi: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 | |
with: | |
egress-policy: audit | |
- name: Check out the repository | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 | |
with: | |
fetch-depth: 0 | |
- name: Set up Python | |
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d | |
with: | |
python-version: '3.11' | |
- name: Install pip and pipenv | |
run: | | |
python -m pip install --root-user-action=ignore --upgrade pip | |
pip install --root-user-action=ignore pipenv | |
make venv | |
- name: Build Release tar.gz | |
run: | | |
pipenv run python setup.py sdist | |
- name: Install Build and Run PAT Tests | |
run: | | |
pipenv run pip install --root-user-action=ignore dist/panther_analysis_tool-*.tar.gz | |
pipenv run make test | |
- name: Create Github Release | |
run: | | |
export NEW_VERSION=$(cat VERSION) | |
git config user.name "dac-bot" | |
git config user.email "[email protected]" | |
gh release create v$NEW_VERSION dist/* -t v$NEW_VERSION --draft | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Publish to PyPI | |
run: | | |
pipenv run twine upload dist/* | |
env: | |
TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} | |
TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} |